iOS 9: Untrusted Enterprise Developer

Context

The source of an app is determined by the enterprise distribution certificate used to sign the app. Once a user has trusted an Enterprise Developer, the user can then run any app that was signed with the same certificate—without having to trust the developer again.

Issue

Before iOS 9 will run any app that was not installed through the Apple App Store, it requires users to confirm that they trust the source—the “Enterprise Developer”—of the app. As a best practice you should sign all of your apps secured by Blue Cedar using the same enterprise distribution certificate. Things will still work when apps are signed with different certificates, but it adds extra steps for the end users since they will need to trust multiple Enterprise Developers.

Solution

Before a user first opens an app that was signed with your enterprise distribution certificate, they need to go to Settings > General > Profile > Select your distribution profile and trust it.

Note: Trusting an app's source is not new with iOS 9, but the experience for the user has changed.

  • Prior to iOS 9, if a user launched an app from a developer that was not yet trusted on the device, the operating system displayed a message with a Trust button that the user could tap to complete the trust process. 
  • iOS 9 still displays a message, but no longer shows the Trust button; instead, the user needs to cancel the message, open Settings, and navigate to the Trust button for the untrusted enterprise developer.